vulnerability
SUSE: CVE-2018-5244: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:N/C:N/I:N/A:C) | Jan 5, 2018 | May 20, 2018 | Feb 4, 2022 |
Severity
5
CVSS
(AV:L/AC:L/Au:N/C:N/I:N/A:C)
Published
Jan 5, 2018
Added
May 20, 2018
Modified
Feb 4, 2022
Description
In Xen 4.10, new infrastructure was introduced as part of an overhaul to how MSR emulation happens for guests. Unfortunately, one tracking structure isn't freed when a vcpu is destroyed. This allows guest OS administrators to cause a denial of service (host OS memory consumption) by rebooting many times.
Solutions
suse-upgrade-xensuse-upgrade-xen-develsuse-upgrade-xen-libssuse-upgrade-xen-toolssuse-upgrade-xen-tools-domususe-upgrade-xen-tools-xendomains-wait-disk
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.